Originally the container was started as a privileged container with security.privileged="true". But after that I have removed the security.privileged configuration and restarted the container. Is this the root cause of the problem?
May I know what is the correct steps to change a privileged container to an unprivileged container? Thanks for your reply. On Sat, Nov 23, 2019 at 12:28 AM Stéphane Graber <stgra...@stgraber.org> wrote: > Hmm, not sure why you have those devices in this container in the first > place, normally /dev is left empty and mounted as tmpfs in the container. > You could likely just edit the tarball to remove the content of dev/ and > then import it just fine. > > On Fri, Nov 22, 2019 at 2:19 AM Chris Han <chrishan...@gmail.com> wrote: > >> Hi, >> >> I have an unprivileged LXD container, c1, running in a physical host. I >> have exported this container to tar.gz: >> >> lxc export c1-unprivileged c1-unprivileged.tar.gz >> >> >> I have created another unprivileged LXD container, c2, with settings for >> nested containers. Inside the c2 container, I am able to launch a >> nested unprivileged LXD container, c3. The c3 container is working fine. >> >> lxc launch ubuntu:18.04 c3-unprivileged-nested >> >> >> However, when I try to import the c1 tar.gz file inside c2 to create a >> nested container, it shows the following error message: >> >> lxc import c1-unprivileged.tar.gz >> >> tar: rootfs/dev/zero: Cannot mknod: Operation not permitted >> tar: rootfs/dev/random: Cannot mknod: Operation not permitted >> tar: rootfs/dev/tty: Cannot mknod: Operation not permitted >> tar: rootfs/dev/null: Cannot mknod: Operation not permitted >> tar: rootfs/dev/full: Cannot mknod: Operation not permitted >> tar: rootfs/dev/urandom: Cannot mknod: Operation not permitted >> >> I am able to import the c1 tar.gz file in a physical host, but unable to >> import it in an unprivileged container (to create a nested container). The >> LXD network and storage settings in the physical host and the c2 container >> are exactly the same. >> >> How to import the c1 tar.gz in the c2 unprivileged container? >> >> _______________________________________________ >> lxc-users mailing list >> lxc-users@lists.linuxcontainers.org >> http://lists.linuxcontainers.org/listinfo/lxc-users >> > > > -- > Stéphane > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users >
_______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
